This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.mft File: nXXPbGAZ8FnkZeTesgTNJCvUtGU.mft (raw, json) Hash identifier: UhvD9s1fed0sdnEkwXhEE/L/83RR/T9dWs8FZ6qa7HY= Subject key identifier: 6B:57:39:3C:0F:9B:77:F1:D1:E3:DB:82:15:D4:8D:FA:A8:B6:A3:E4 Authority key identifier: 9D:75:CF:6C:60:19:F0:59:E4:65:E4:DE:B2:04:CD:24:2B:D4:B4:65 Certificate issuer: /CN=9d75cf6c6019f059e465e4deb204cd242bd4b465 Certificate serial: 019AF1D1AFCEE36F2FB932069B60E038C525 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nXXPbGAZ8FnkZeTesgTNJCvUtGU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.mft Manifest number: 1383 Signing time: Sat 06 Dec 2025 04:00:42 +0000 Manifest this update: Sat 06 Dec 2025 04:00:42 +0000 Manifest next update: Sun 07 Dec 2025 04:00:42 +0000 Files and hashes: 1: k3gz5duj9CFhYELeViKRfCBvdLQ.roa (hash: sqXEDoIPEFamPJfQ+MXgutDdyy3EAS9+6SZZLlnP/eE=) 2: nXXPbGAZ8FnkZeTesgTNJCvUtGU.crl (hash: /aUdilHqZ6Dr0fbQa+3WNYbO3R3veJjskzb29mm3+ZM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.crl rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.mft rsync://rpki.ripe.net/repository/DEFAULT/nXXPbGAZ8FnkZeTesgTNJCvUtGU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:af:ce:e3:6f:2f:b9:32:06:9b:60:e0:38:c5:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d75cf6c6019f059e465e4deb204cd242bd4b465 Validity Not Before: Dec 6 04:00:42 2025 GMT Not After : Dec 7 04:00:42 2025 GMT Subject: CN=6b57393c0f9b77f1d1e3db8215d48dfaa8b6a3e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:21:ae:d7:15:88:8d:9c:a7:af:69:60:9b:7a: da:aa:8f:50:5d:03:93:22:a4:0c:2e:f8:de:ed:71: 2f:31:54:6c:42:48:d0:4a:7a:1b:3a:f6:14:aa:0b: 96:22:41:5d:14:7a:d5:5e:77:6c:2c:fc:73:8d:56: d4:d0:67:83:5d:27:d7:8a:f6:96:f4:4f:2b:5e:69: a6:d1:16:7b:e9:cd:0b:d6:58:1c:dd:f7:0c:8c:4f: 3c:69:1d:74:90:1d:ac:08:a4:cf:87:2e:63:2d:21: 13:4e:1a:45:25:65:12:86:51:bd:62:3a:92:c9:48: 59:ff:53:c2:ea:4c:07:5c:aa:00:87:cb:21:ad:ec: e4:6a:09:9b:34:9f:de:5b:49:f0:82:40:17:b1:70: c4:6e:02:c6:8a:63:c1:66:87:76:5a:bf:11:a2:27: 9f:fd:43:5a:f8:64:52:c8:45:b6:aa:a3:7c:78:94: 3c:4c:f1:99:33:56:43:e7:3b:d3:f1:60:6d:a0:95: b9:1d:a7:50:60:19:63:82:21:95:f3:66:20:03:72: cd:26:bd:34:3e:59:18:4f:12:e8:ce:bb:69:5e:73: 6b:ff:6d:ec:f5:dd:72:78:d7:ac:fc:6a:20:33:82: 4e:11:a2:ae:e8:af:35:e9:36:24:a5:c9:cf:67:ed: d0:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:57:39:3C:0F:9B:77:F1:D1:E3:DB:82:15:D4:8D:FA:A8:B6:A3:E4 X509v3 Authority Key Identifier: keyid:9D:75:CF:6C:60:19:F0:59:E4:65:E4:DE:B2:04:CD:24:2B:D4:B4:65 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nXXPbGAZ8FnkZeTesgTNJCvUtGU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:46:5e:55:a7:df:8e:e1:6b:07:19:4c:a0:c0:b5:47:9c:8a: 0e:1a:4c:60:1f:7f:0d:f0:5d:c7:b5:60:30:08:c4:6f:da:23: 44:cc:e6:f4:f6:c5:86:9d:d7:37:c8:cb:7f:fa:7e:7b:e4:cf: 47:da:1b:ae:31:76:03:5f:9b:84:a1:88:12:07:20:b6:85:19: 02:5d:00:11:c8:62:60:39:f2:87:23:8e:1c:60:45:79:ea:89: f5:ea:48:6f:cd:23:6a:58:e4:e5:45:68:27:66:9a:e1:a9:bf: e4:f3:bc:91:e0:d4:5c:15:11:39:97:ed:9d:36:3f:42:7e:4e: 12:60:f8:31:e3:da:da:7b:bd:20:e1:56:62:ce:d4:a8:99:c8: 30:37:39:c7:a5:94:a6:b9:bc:89:4b:43:17:c3:70:7e:ee:de: 37:0c:b2:58:a7:0f:8b:af:25:e8:78:9a:db:33:58:f6:95:da: c9:b0:36:a7:24:a4:14:bc:1c:9e:39:5d:45:b6:cb:d6:a6:0c: f9:32:ff:6f:ce:d6:0e:f6:19:a0:21:2f:2b:9c:09:fb:a9:a4: c9:2a:76:75:9a:87:23:fa:22:c9:23:25:6c:08:5c:98:e7:ea: 73:d4:10:5f:93:b2:8f:5f:09:1e:99:89:4f:3b:23:0d:ce:bc: e9:9b:02:ef -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0a/O428vuTIGm2DgOMUlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkNzVjZjZjNjAxOWYwNTllNDY1ZTRkZWIyMDRjZDI0MmJk NGI0NjUwHhcNMjUxMjA2MDQwMDQyWhcNMjUxMjA3MDQwMDQyWjAzMTEwLwYDVQQD Eyg2YjU3MzkzYzBmOWI3N2YxZDFlM2RiODIxNWQ0OGRmYWE4YjZhM2U0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSGu1xWIjZynr2lgm3raqo9QXQOT IqQMLvje7XEvMVRsQkjQSnobOvYUqguWIkFdFHrVXndsLPxzjVbU0GeDXSfXivaW 9E8rXmmm0RZ76c0L1lgc3fcMjE88aR10kB2sCKTPhy5jLSETThpFJWUShlG9YjqS yUhZ/1PC6kwHXKoAh8shrezkagmbNJ/eW0nwgkAXsXDEbgLGimPBZod2Wr8Roief /UNa+GRSyEW2qqN8eJQ8TPGZM1ZD5zvT8WBtoJW5HadQYBljgiGV82YgA3LNJr00 PlkYTxLozrtpXnNr/23s9d1yeNes/GogM4JOEaKu6K816TYkpcnPZ+3QDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGtXOTwPm3fx0ePbghXUjfqotqPkMB8GA1UdIwQY MBaAFJ11z2xgGfBZ5GXk3rIEzSQr1LRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblhYUGJHQVo4Rm5rWmVUZXNnVE5KQ3ZVdEdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9kMDRmMWItMDc0Yy00OTVlLWE0MzEt NzZiMWFlNjJmMDcyLzEvblhYUGJHQVo4Rm5rWmVUZXNnVE5KQ3ZVdEdVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My9kMDRmMWItMDc0Yy00OTVlLWE0MzEtNzZiMWFlNjJmMDcy LzEvblhYUGJHQVo4Rm5rWmVUZXNnVE5KQ3ZVdEdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhUZeVaff juFrBxlMoMC1R5yKDhpMYB9/DfBdx7VgMAjEb9ojRMzm9PbFhp3XN8jLf/p+e+TP R9obrjF2A1+bhKGIEgcgtoUZAl0AEchiYDnyhyOOHGBFeeqJ9epIb80jaljk5UVo J2aa4am/5PO8keDUXBUROZftnTY/Qn5OEmD4MePa2nu9IOFWYs7UqJnIMDc5x6WU prm8iUtDF8Nwfu7eNwyyWKcPi68l6Hia2zNY9pXaybA2pySkFLwcnjldRbbL1qYM +TL/b87WDvYZoCEvK5wJ+6mkySp2dZqHI/oiySMlbAhcmOfqc9QQX5Oyj18JHpmJ TzsjDc686ZsC7w== -----END CERTIFICATE-----Generated at Sat Dec 6 07:44:26 2025 by rpki-client